US11057311B2 - Electronic device and method for receiving data via an asynchronous communication network, related communication system and computer program - Google Patents

Info

Publication number
US11057311B2
Authority
US
United States
Prior art keywords
network
elementary
frame
sending
jitter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
US16/785,285
Other languages
English (en)
Other versions
US20200267087A1 (en)
Inventor
Stéphane Monnier
Patrice Capircio
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thales SA
Original Assignee
Thales SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thales SA
Assigned to THALES: ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CAPIRCIO, PATRICE, MONNIER, STEPHANE
Publication of US20200267087A1
Application granted
Publication of US11057311B2
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40 Bus networks
    • H04L12/40052 High-speed IEEE 1394 serial bus
    • H04L12/40104 Security; Encryption; Content protection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00 Traffic control in data switching networks
    • H04L47/10 Flow control; Congestion control
    • H04L47/28 Flow control; Congestion control in relation to timing considerations
    • H04L47/283 Flow control; Congestion control in relation to timing considerations in response to processing delays, e.g. caused by jitter or round trip time [RTT]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4604 LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462 LAN interconnection over a bridge based backbone
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/54 Store-and-forward switching systems
    • H04L12/56 Packet switching systems
    • H04L12/5601 Transfer mode dependent, e.g. ATM
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/08 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0852 Delays
    • H04L43/087 Jitter
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40 Bus networks
    • H04L2012/40267 Bus for use in transportation systems
    • H04L2012/4028 Bus for use in transportation systems the transportation system being an aircraft
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/44 Star or tree networks
    • H04L2012/445 Star or tree networks with switching in a hub, e.g. ETHERNET switch
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/54 Store-and-forward switching systems
    • H04L12/56 Packet switching systems
    • H04L12/5601 Transfer mode dependent, e.g. ATM
    • H04L2012/5638 Services, e.g. multimedia, GOS, QOS
    • H04L2012/5646 Cell characteristics, e.g. loss, delay, jitter, sequence integrity
    • H04L2012/5649 Cell delay or jitter

Definitions

  • the present invention relates to an electronic receiving device for receiving data via an asynchronous communication network including at least one elementary network, the electronic device being configured to be connected to said elementary network.
  • the invention also relates to an electronic data communication system including an electronic sending device and such an electronic receiving device, connected to one another by an asynchronous communication network, the communication network including at least one elementary network.
  • the invention also relates to a receiving method for receiving data via an asynchronous communication network including at least one elementary network, the method being carried out by an electronic receiving device connected to said elementary network.
  • the invention also relates to a non-transitory computer-readable medium including a computer program including software instructions which, when executed by a computer, implement such a receiving method.
  • the invention relates to the field of systems communicating with asynchronous communication networks, for example Ethernet communication networks, in particular avionics communication systems on board aircraft, such as avionics communication systems according to part 7 of standard ARINC 664.
  • the communication network comprises two independent elementary networks each including at least one source equipment item and at least one receiving equipment item connected to one another by at least one physical link through at least one switch.
  • Each equipment item is connected to each elementary network, and each frame sent by a source equipment item over a virtual link over an independent elementary network comprises a number included in a predetermined interval.
  • the surveillance method comprises, for managing a redundancy between elementary networks, the definition, for this virtual link, of a window included in said predetermined interval, corresponding to frames already received at that given time instant; comparing the number of the received frame with said window, and taking the received frame into account when the frame number is not included in said window.
  • the aim of the invention is then to propose an electronic device and a method for receiving data via an asynchronous redundant communication network, which make it possible to improve the surveillance of the network, and in particular to detect a cyberattack more effectively.
  • the invention relates to an electronic receiving device for receiving data via an asynchronous communication network including at least one elementary network, the electronic device being configured to be connected to said elementary network and comprising:
  • the electronic receiving device then makes it possible to improve the surveillance of the asynchronous network by estimating the jitter of the network from the minimum time gap and the reception time instants of the frames, then comparing the estimated jitter to the authorized range of network jitter values. Indeed, watching the network jitter and detecting an abnormal jitter value makes it easier to detect a replacement of an equipment item connected to the network with malicious equipment, a replacement of a network switch with a malicious switch, as well as an abnormal use of the network for example resulting from a cyber-attack.
  • the electronic receiving device comprises one or more of the following features, considered alone or according to all technically possible combinations:
  • the invention also relates to an electronic data communication system including an electronic sending device and an electronic receiving device, connected to one another by an asynchronous communication network, the asynchronous communication network comprising at least one elementary network, the electronic sending device being configured to send, to the electronic receiving device, several successive data frames over said elementary network, and the electronic receiving device being as defined above.
  • the invention also relates to a receiving method for receiving data via an asynchronous communication network including at least one elementary network, the receiving method being carried out by an electronic receiving device connected to said elementary network, and comprising:
  • the invention also relates to a non-transitory computer-readable medium including a computer program including software instructions which, when executed by a computer, implement a receiving method as defined above.
  • FIG. 1 is a schematic illustration of an aircraft equipped with a communication system according to the invention, including at least two items of avionic equipment connected to one another by an asynchronous communication network;
  • FIG. 2 is a schematic view illustrating the sending of frames according to a predefined sending table over an elementary network of the asynchronous communication network of FIG. 1 and with a minimum time gap between the sending time instants of two successive frames;
  • FIG. 3 is a schematic view illustrating the surveillance of the reception of frames, from reception time instants and an estimated network jitter;
  • FIG. 4 is a flowchart of a data transmission method within the communication system of FIG. 1 .
  • the expression “substantially equal to” defines a relationship of equality to within plus or minus 10%, preferably to within plus or minus 5%.
  • an aircraft 10 includes a communication system 12 comprising at least two electronic equipment items 14 connected to one another by an asynchronous communication network 16 , such as a redundant Ethernet communication network.
  • the aircraft 10 is preferably an airplane.
  • the aircraft 10 is a helicopter, or a drone piloted remotely by a pilot.
  • the communication system 12 comprises several electronic equipment items 14 , such as avionics equipment like in the example of FIG. 1 , where the communication system 12 is embedded in the aircraft 10 .
  • the communication system 12 comprises an electronic sending device 18 and an electronic receiving device 20 connected to one another by the asynchronous communication network 16 .
  • each electronic equipment item 14 is preferably configured, on the one hand, to send data to the other piece(s) of electronic equipment 14 , and on the other hand, to receive data from the other piece(s) of electronic equipment 14 .
  • Each electronic equipment item 14 then preferably includes the sending device 18 and the receiving device 20 .
  • an electronic equipment item 14 that is only intended to send data and not to receive it will then comprise the sending device 18 , but not the receiving device.
  • an electronic equipment item 14 that is only intended to receive data from other avionic equipment item(s) 14 will then include the receiving device 20 , but not the sending device.
  • Each electronic equipment item 14 is preferably according to part 7 of standard ARINC 664.
  • each electronic equipment item 14 includes an information processing unit 22 , for example made up of a memory 24 associated with a processor 26 .
  • a single electronic equipment item 14 is shown in detail with the different devices and modules that it contains, in order to simplify the drawing.
  • the communication network 16 includes at least one network switch 28 and at least one two-way link 30 , each network switch 28 being connected to one or several electronic equipment items 14 via respective two-way links 30 .
  • the communication network 16 preferably includes several network switches 28 , like in the example of FIG. 1 , where the communication network 16 includes two network switches 28 connected to one another by a two-way link 30 .
  • each network switch 28 is an Ethernet network switch, for example of the switched “full-duplex” Ethernet type.
  • each two-way link 30 is a two-way Ethernet link, for example of the switched “full-duplex” Ethernet type.
  • the communication network 16 preferably conforms to part 7 of standard ARINC 664, and each network switch 28 then also conforms to part 7 of standard ARINC 664.
  • the communication network 16 is for example an AFDX (Avionics Full DupleX switched Ethernet) network with one or several network switch(es) 28 according to part 7 of standard ARINC 664.
  • the communication network 16 of the switched “full-duplex” Ethernet type is based on the switched full-duplex Ethernet standard described by standard IEEE802.3, and offers improved functionalities relative to this standard to allow better reliability in the transmission of information, in particular in the avionics field.
  • the communication network 16 offers a deterministic transmission time by adding communication services on the Ethernet network.
  • This deterministic aspect uses a virtual link concept, which is a conceptual representation of a connection of a source equipment item 14 to at least one receiving equipment item 14 .
  • Such a virtual link concept makes it possible to isolate data transfers between a source equipment item 14 and receiving equipment items 14 .
  • a virtual link is seen as a “pipe” on the network 16 .
  • a virtual link is for example characterized by:
  • the switch 28 knows, from a static configuration, virtual links that it must switch as well as the number of packets authorized for a virtual link.
  • This virtual link concept makes it possible to freeze the communications between the equipment items 14 by configuring the routes and the bandwidth allocated to the virtual links.
  • the flow formed by a virtual link is guaranteed not to be disrupted by the other flows sharing the same physical links all along its route in the network.
  • this virtual link concept makes it possible, through a centralized management of the flows, to guarantee that the sum of the bandwidth allocated to the virtual links on a same physical link does not exceed the capabilities of the technology thereof.
  • the asynchronous communication network 16 includes at least one elementary network, for example corresponding to a respective virtual link.
  • the asynchronous communication network 16 is preferably a redundant communication network and comprises at least two independent elementary networks, redundant with respect to one another.
  • two electronic equipment items 14 , a source equipment item and a receiving equipment item communicate via at least two independent elementary networks.
  • the redundancy is provided frame by frame on each of said networks.
  • the source equipment successively sends information frames 32 to the receiving equipment.
  • Each of said frames 32 is sent, with an identical data field, onto each of the networks. Based on the load and the configuration of said elementary networks, these two frames 32 may arrive at the receiving equipment at different time instants.
  • the case is considered where the two elementary networks work correctly, and therefore the two sent frames 32 arrive at the receiving equipment item 14 .
  • a data frame 32 is defined as a data set sent in a single operation over the communication network 16 .
  • the data of each frame 32 are not interpreted.
  • the communication network 16 transports them without knowing their meaning.
  • Each frame 32 comprises a frame identifier and a data field.
  • the frame identifier is included in network data used to convey the frame 32 to its destination.
  • the data field corresponds to the useful data, which is the “payload” of the frame.
  • Each frame 32 generally includes a useful data portion and a frame header and footer portion.
  • the frame identifier is then included in the frame header and footer portion, and the data field corresponds to the useful data portion.
  • the frame identifier is made up of an identifier of the corresponding virtual link, also denoted VL_ID (Virtual Link IDentifier), and a sequence number (SN).
  • the identifier of the corresponding virtual link, or VL_ID is included in a destination address field, which in turn is included in the frame header and footer portion.
  • the sequence number is a counter for a given virtual link, and is incremented each time a frame 32 is sent having the same virtual link identifier (VL_ID), which makes it possible to distinguish two frames 32 associated with the same virtual link.
  • the sequence number, or SN is also included in the frame header and footer portion.
  • Each electronic sending device 18 is configured to send, to the receiving electronic device(s) 20 , at least one data frame 32 on each of the elementary networks.
  • Each sending device 18 is configured to be connected to each elementary network.
  • each sending device 18 then includes a sending module 40 configured to send, to the receiving electronic device(s) 20 , at least one data frame 32 on a corresponding elementary network, preferably on each of the elementary networks when the communication network 16 is redundant.
  • Each sending device 18 is for example an avionics device according to part 7 of standard ARINC 664, and the sending module 40 is then configured to send each frame 32 according to a protocol conforming to part 7 of standard ARINC 664.
  • Each electronic receiving device 20 is configured to receive data, in particular data frames 32 , via the asynchronous communication network 16 .
  • Each receiving device 20 is configured to be connected to each elementary network.
  • Each receiving device 20 comprises a receiving module 42 configured to receive several successive data frames 32 via the communication network 16 , each frame 32 being sent over the elementary network according to a predefined sending table TAB and with a minimum time gap BAG between the sending time instants of two successive frames 32 .
  • each reception device 20 comprises a verification module 44 configured, for at least two received data frames 32 , to estimate a network jitter G from the minimum time gap BAG and reception time instants of at least two frames 32 received on said elementary network, then to compare the estimated jitter G to an authorized range of network jitter values.
  • Each receiving device 20 is for example an avionics device conforming to part 7 of standard ARINC 664, and the receiving module 42 is then configured to receive each frame 32 according to a protocol conforming to part 7 of standard ARINC 664.
  • Each network switch 28 is known in itself, and comprises several communication ports, also called connection ports, each communication port being able to be connected to a corresponding electronic equipment item 14 .
  • the sending module 40 , the receiving module 42 and the verification module 44 are each made in the form of software, or a software component, executable by the processor 26 .
  • the memory 24 is then capable of storing sending software configured to send at least one data frame 32 over the corresponding elementary network according to the predefined sending table TAB to other receiving device(s) 20 .
  • the memory 24 is also able to store receiving software configured to receive, via the communication network 16 , at least one data frame 32 transmitted over said elementary network, and verification software configured, for at least two received data frames 32 , to estimate the network jitter G from the minimum time gap BAG and reception time instants of at least two frames 32 received on said elementary network, then to compare the estimated jitter G to the authorized range of network jitter values.
  • the processor 26 of the information processing unit 22 is then able to execute the sending software in the case of the sending device 18 , or to execute the receiving software and the verification software in the case of the receiving device 20 .
  • the sending module 40 , the receiving module 42 and the verification module 44 are each made in the form of a programmable logic component, such as an FPGA (Field Programmable Gate Array), or in the form of a dedicated integrated circuit, such as an ASIC (Applications Specific Integrated Circuit).
  • the sending module 40 and the receiving module 42 are each made in the form of software, or a software component, executable by the processor 26 ; and the verification module 44 is made in the form of a programmable logic component, such as an FPGA.
  • When the electronic receiving device 20 is made in the form of one or several software programs, i.e., in the form of a computer program, it is further able to be stored on a medium, not shown, readable by computer.
  • the computer-readable medium is for example a medium suitable for storing electronic instructions and able to be coupled with a bus of a computer system.
  • the readable medium is an optical disc, a magnetic-optical disc, a ROM memory, a RAM memory, any type of non-volatile memory (for example, EPROM, EEPROM, FLASH, NVRAM), a magnetic card or an optical card.
  • a computer program including software instructions is then stored on the readable medium.
  • the sending module 40 is configured to send each data frame 32 over the corresponding elementary network according to the predefined sending table TAB and with the minimum time gap BAG between the sending time instants of two frames 32 , sent successively over said elementary network, as shown in FIG. 3 .
  • each frame 32 associated with a first virtual link A is denoted Ak, where k is an integer index incremented from 1.
  • each frame 32 associated with a second virtual link B is denoted Bi
  • each frame 32 associated with a third virtual link C is denoted Ck.
  • each of the virtual links A, B, C forms an elementary network of said asynchronous communication network 16 .
  • the predefined sending table TAB includes a frame A 1 for the first virtual link A, a frame B 1 for the second virtual link B, and two frames C 1 , C 2 for the third virtual link C, the minimum time gap BAG then being shown between the sending time instants of the two frames C 1 , C 2 .
  • the verification module 44 is able to estimate the network jitter G from the minimum time gap BAG and reception time instants of at least two frames 32 received on said elementary network, to compare the estimated jitter G to the authorized range of network jitter values. As an optional addition, the verification module 44 is able to generate an alert in case of inconsistency of the estimated jitter G, that is to say, when the value of the estimated network jitter G is not comprised in the authorized range of network jitter values.
  • the verification module 44 is preferably configured to estimate the network jitter G from the duration ΔT_R separating two reception time instants and a predefined inter-frame time period ΔT_T, the predefined inter-frame time period ΔT_T being a function of the minimum time gap BAG.
  • the predefined inter-frame time period ΔT_T is for example equal to the minimum time gap BAG divided by an oversampling factor K.
  • the verification module 44 is for example configured to estimate the network jitter G according to the following equation:
  • G represents the estimated network jitter
  • ΔT_R represents the duration separating the reception time instants of two frames 32 received on said elementary network by the receiving module 42;
  • E represents the integer part operator, returning the largest integer less than or equal to the considered number, i.e., E(z) is the largest integer less than or equal to z;
  • ΔT_T represents the predefined inter-frame time period, ΔT_T for example verifying the following equation:
  • BAG represents the minimum time gap between the sending time instants of two successive frames 32 ;
  • K represents the oversampling factor
  • the minimum time gap is also called BAG (Bandwidth Allocation Gap) and then corresponds to a bandwidth allocation gap.
  • this minimum time gap BAG is an important characteristic of the communication network 16 , and corresponds to a maximum speed at which the data can be sent, in that it is then guaranteed that they will be sent with this minimum time gap.
  • the bandwidth allocated to a virtual link is characterized by the minimum time gap BAG, which defines the minimum time between the beginnings of the sending of two successive frames belonging to a same virtual link. After passing through the communication network 16 , two frames that were separated by this minimum time gap BAG can find themselves alongside one another at the receiving device 20 . Furthermore, part 7 of standard ARINC 664 does not define a maximum value of the time gap separating two frames of a same virtual link.
  • For a set of frames 32 to be sent continuously over a same elementary network, in particular over a same virtual link, frames 32 cannot, however, be sent systematically with a time gap between two successive frames 32 that is exactly equal to this minimum time gap BAG, and a shift can then be observed between a theoretical sending time instant and an observed (or measured) sending time instant, this shift then being called sending jitter.
  • the sending jitter is typically less than 500 μs.
  • the minimum time gap BAG is for example substantially equal to 16 ms or 32 ms.
  • the sending table TAB then makes it possible to control the sending jitter, by defining the sending time instants of successive frames 32 over a same elementary network, in particular over a same virtual link, and by then guaranteeing, by construction, the duration separating two successive sendings of frames 32 over said elementary network.
  • the sending table TAB also supplies a sending time signature for the communication network 16 , which is then used by the verification module 44 , in order to detect any anomaly on the communication network 16 .
  • the verification module 44 is further configured to compare the estimated jitter G for the respective elementary network to the estimated jitter(s) G for the other elementary network(s) of a group of elementary network(s), this group of elementary network(s) corresponding to a data transmission path with at least one network switch 28 in common.
  • the verification module 44 is configured to implement an algorithm for managing the redundancy frame by frame on each of the elementary networks, like that disclosed in document FR 2,864,393 B1.
  • the verification module 44 is preferably configured to implement said redundancy management algorithm, before estimating the network jitter G from the minimum time gap BAG and reception time instants of at least two frames 32 received on said elementary network, then to compare the estimated jitter G to the authorized range of network jitter values.
  • the network jitter G is preferably estimated after implementing the redundancy management algorithm.
  • the verification module 44 is then able to compare the estimated jitter for the respective virtual link to the estimated jitter(s) G for the other virtual link(s) of a group of virtual links, this group of virtual links corresponding to a data transmission path with at least one network switch 28 in common.
  • the authorized range of network jitter values is for example determined through preliminary learning including the sending of predefined sequences of frames.
  • This preliminary learning preferably includes the sending of normal sequences corresponding to authorized network jitter values and abnormal sequences corresponding to noncompliant network jitter values.
  • Noncompliant network jitter values refer to values outside the authorized range of network jitter values, that is to say, not belonging to said authorized range.
  • the authorized range of network jitter values is then determined through a machine learning method.
  • the impact of data from different virtual links, but circulating over common physical routes can be characterized by unsupervised learning methods, such as a cluster k-means method, which performs a classification of the exchanged data as a function of the value of a distance, the distance here being chosen to be characteristic of an actual route, that is to say, of the impact of the network jitter of the actual route common to the data frames 32 .
  • the authorized range of network jitter values is determined through a static analysis of the network 16 and the predefined sending table TAB.
  • the authorized range of network jitter values depends on an operating phase in which the aircraft 10 is found on which the electronic receiving device 20 is configured to be embedded. Indeed, the bandwidth of the communication network 16 depends on the operating phase of the aircraft 10 , and the network jitter G will then also vary as a function of the operating phase of the aircraft 10 .
  • a first authorized range of network jitter values is associated with the ground phase of the aircraft 10
  • a second authorized range of network jitter values is associated with the flight phases of the aircraft 10 .
  • Said second range preferably includes values greater than those of said first range. This then makes it possible to account for the difference in traffic between the flight and ground phases. On the ground, the network jitter G is lower, since not all of the equipment items of the aircraft 10 are operational.
  • the predefined inter-frame time period ΔT_T is preferably greater than twice the maximum value G max of the authorized range of network jitter values.
  • FIG. 4 showing a flowchart of the data transmission method within the communication system 12 from a sending device 18 to receiving device(s) 20 via the asynchronous communication network 16 .
  • the sending device 18 sends, via its sending module 40 and to receiving device(s) 20 , several data frames 32 on a respective elementary network of the asynchronous communication network 16 .
  • the respective elementary network forms a data link for the transmission of said frames 32 , and for example corresponds to a virtual link when the communication network 16 conforms to part 7 of standard ARINC 664.
  • each receiving device 20 receives, on said elementary network, that is to say, on said data link, of the asynchronous communication network 16 and via its receiving module 42 , the sent data frames 32 .
  • Each recipient receiving device 20 having received several frames 32 then verifies, during the following step 120 and via its verification module 44 , that the value of the network jitter estimated from these received frames 32 is coherent, and generates an alarm signal if not.
  • the verification step 120 then includes a sub-step 130 during which the verification module 44 estimates the network jitter G from the minimum time gap BAG and reception time instants of the frames 32 received on said elementary network.
  • the verification step 120 next comprises a sub-step 140 during which the verification module 44 compares the estimated network jitter G to the authorized range of network jitter values. An alert is generated by the verification module 44 in case of inconsistency detected during this comparison, that is to say, if the estimated value of the network jitter G is outside the authorized range of network jitter values.
  • FIG. 3 then illustrates a verification that the network jitter G does not exceed the maximum value G max of the authorized range of network jitter values, by calculating authorized successive reception time ranges of a following frame 32 from the reception time instant of a previous frame 32 , for different evaluation levels.
  • the evaluation of the network jitter G in light of the maximum network jitter value G max is done on two frames 32 received successively, that is to say, between a previous frame with identifier N and a following frame with identifier N+1, for example based on the reception time instants of the frames C 1 and C 2 , or frames C 2 and C 3 , or frames C 3 and C 4 in FIG. 3 , the evaluation is said to be level 1 , also denoted N 1 .
  • this evaluation is done between a previous frame with identifier N and a following frame with identifier N+2, for example based on the reception time instants of the frames C 1 and C 3 , or frames C 2 and C 4 in FIG.
  • the evaluation is said to be level 2 , also denoted N 2 .
  • the evaluation is said to be level 3 , also denoted N 3 , and so forth.
  • the successive authorized receiving time ranges for the following frame 32 are then defined by minimum durations T j m(Ni) and maximum durations T j M(Ni) from the reception time instant of the preceding frame 32 , where i is an integer index greater than or equal to 1, associated with the evaluation level; and j is an integer index greater than or equal to 1 and incremented by 1 upon each new authorized successive time range.
  • the first authorized time range is between the minimum T 1 m(N 1 ) and maximum T 1 M(N 1 ) durations
  • the second authorized time range is between the minimum T 2 m(N 1 ) and maximum T 2 M(N 1 ) durations, and so forth, from the reception time instant of the preceding frame 32 .
  • the first authorized time range is between the minimum T 1 m(N 2 ) and maximum T 1 M(N 2 ) durations
  • the second authorized time range is between the minimum T 2 m(N 2 ) and maximum T 2 M(N 2 ) durations, and so forth, from the reception time instant of the frame 32 previously received.
  • i represents the integer index of the evaluation level, i ≥ 1;
  • j represents the integer index of the authorized reception time range, j ≥ 1;
  • BAG represents the minimum time gap between the sending time instants of two successive frames 32 ;
  • ΔT_T represents the predefined inter-frame time period, previously defined and for example verifying the equation (Math2);
  • G max represents the maximum value of the authorized range of network jitter values.
  • the verification module 44 then triggers an alarm, denoted ALM, when the reception time instant of a following frame 32 is outside an authorized respective reception time range from the reception time instant of a previous frame 32 .
  • an alarm ALM is then triggered in the case of the frame C 4 received after the maximum duration T 2 M(N 2 ), and before the next minimum duration T 3 m(N 2 ), as of the time instant of reception of the frame C 2 for this level evaluation N 2 .
  • An alarm ALM is also triggered in the case of the frame C 4 received after the maximum duration T 2 M(N 3 ), and before the next minimum duration T 3 m(N 3 ), as of the time instant of reception of the frame C 1 for this level evaluation N 3 .
  • the electronic receiving device 20 makes it possible to estimate the network jitter G from the minimum time gap BAG and the reception time instants of the frames, then to compare the estimated network jitter G to the authorized range of network jitter values, in order to detect an abnormal value of the network jitter G.
  • This surveillance of the network jitter G then makes it possible to detect any attack on the communication network 16 simply and directly, at the electronic receiving device 20 , without having to use information sent by third-party equipment items, which would also potentially be compromised.
  • an abnormal jitter value makes it easier to detect a replacement of an equipment item connected to the network with malicious equipment. Indeed, in the case of such a replacement, the network jitter is difficult for the malicious equipment item to control, and an abnormal value following this replacement will then be detected by the receiving device 20 .
  • the network jitter will also be difficult for the malicious switch to control, and an abnormal value following this replacement will then be detected by the receiving device 20 .
  • a nil value of the network jitter which can also be synonymous with the total absence of traffic, other than that of the surveilled elementary network, on the communication network will also typically be detected by the receiving device 20 , then being less than the minimum value of the authorized range of network jitter values. Such a detection is also desired because a total absence of traffic is suspicious.
  • the receiving device 20 then makes it possible to detect different types of malicious attacks, like those cited above, in particular cyber-attacks, and in general makes it possible to improve the surveillance of the communication network 16 .
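
The receiver-side check of sub-steps 130 and 140, as an added example that is not part of the patent text. It assumes a simplified timing model in which frames leave the sender on a grid of the inter-frame period (slots may be skipped), estimates jitter as the deviation of each reception gap from that grid at evaluation levels 1 to 3, and raises an alarm outside the authorized range. LinkPolicy, deviation_us, check_link and all sample values are hypothetical; the patent's own window formulas are not reproduced here.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class LinkPolicy:
    """Timing contract for one virtual link, all values in microseconds."""
    bag_us: int     # BAG: minimum gap between two successive sends
    dt_us: int      # inter-frame period of the sending table (assumed grid)
    g_min_us: int   # lower bound of the authorized jitter range
    g_max_us: int   # upper bound of the authorized jitter range (G max)

    def __post_init__(self):
        if self.dt_us < self.bag_us:
            raise ValueError("inter-frame period shorter than BAG")
        # Adjacent reception windows are 2*G max wide and dt apart; they
        # must not touch, otherwise a late frame is indistinguishable
        # from an early frame of the next slot.
        if self.dt_us <= 2 * self.g_max_us:
            raise ValueError("need inter-frame period > 2 * G max")

def deviation_us(policy, gap_us, level):
    """Signed distance from an observed reception gap to the nearest
    admissible sending gap k*dt, where k >= level (frames N and N+level
    are at least `level` slots apart)."""
    k = max(level, (gap_us + policy.dt_us // 2) // policy.dt_us)
    return gap_us - k * policy.dt_us

def check_link(policy, rx_us, max_level=3):
    """Return alarms as (kind, prev_index, next_index, level, value_us)."""
    alarms, peak = [], 0
    for level in range(1, max_level + 1):
        for n in range(len(rx_us) - level):
            dev = deviation_us(policy, rx_us[n + level] - rx_us[n], level)
            peak = max(peak, abs(dev))
            if abs(dev) > policy.g_max_us:
                alarms.append(("ABOVE_RANGE", n, n + level, level, dev))
    # Jitter that never reaches the lower bound is also reported: the page
    # treats a nil jitter (no competing traffic at all) as suspicious.
    if len(rx_us) >= 2 and peak < policy.g_min_us:
        alarms.append(("BELOW_RANGE", 0, len(rx_us) - 1, 0, peak))
    return alarms

# Constructed sample data (not from the page): 2 ms grid, jitter 20..400 us.
POLICY = LinkPolicy(bag_us=2000, dt_us=2000, g_min_us=20, g_max_us=400)
NORMAL = [0, 2050, 4010, 6120, 8030]
LATE_C4 = [0, 2050, 4010, 6900]      # fourth frame falls between windows
NIL_JITTER = [0, 2000, 4000, 6000]   # perfectly regular arrivals

if __name__ == "__main__":
    for name, trace in (("normal", NORMAL), ("late", LATE_C4),
                        ("nil", NIL_JITTER)):
        print(name, check_link(POLICY, trace))
```

In the late-frame trace the fourth frame is flagged at every evaluation level, which is why checking against several earlier frames is more robust than checking only the immediate predecessor.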

US16/785,285 2019-02-15 2020-02-07 Electronic device and method for receiving data via an asynchronous communication network, related communication system and computer program Active US11057311B2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1901557 2019-02-15
FR1901557A FR3092953B1 (fr) 2019-02-15 2019-02-15 Dispositif electronique et procede de reception de donnees via un reseau de communication asynchrone, systeme de communication et programme d'ordinateur associes

Publications (2)

Publication Number Publication Date
US20200267087A1 US20200267087A1 (en) 2020-08-20
US11057311B2 true US11057311B2 (en) 2021-07-06

Family

ID=67742530

Family Applications (1)

Application Number Title Priority Date Filing Date
US16/785,285 Active US11057311B2 (en) 2019-02-15 2020-02-07 Electronic device and method for receiving data via an asynchronous communication network, related communication system and computer program

Country Status (4)

Country Link
US (1) US11057311B2 (zh)
EP (1) EP3697030B1 (zh)
CN (1) CN111585829B (zh)
FR (1) FR3092953B1 (zh)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112422851B (zh) * 2020-11-16 2022-06-28 新华三技术有限公司 视频切换方法、装置及设备
CN113727185B (zh) * 2021-08-20 2024-04-02 百果园技术(新加坡)有限公司 视频帧播放方法及系统
CN114640754B (zh) * 2022-03-08 2024-06-14 京东科技信息技术有限公司 视频抖动检测方法、装置、计算机设备及存储介质

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2832011B1 (fr) 2001-11-05 2005-05-20 Airbus France Reseau de communication de type ethernet full duplex commute et procede de mise en oeuvre de celui-ci
CN101123571A (zh) * 2006-08-07 2008-02-13 北京三星通信技术研究有限公司 基于自适应抖动缓冲的调度策略的调整方法
CN102523108A (zh) * 2011-12-07 2012-06-27 中国航空无线电电子研究所 基于航空全双工交换以太网的航空电子管理系统
CN102780589B (zh) * 2012-06-06 2014-10-29 北京航空航天大学 一种基于虚拟链路的静态路由网络时延抖动测试方法
US9485113B2 (en) * 2013-10-11 2016-11-01 Ge Aviation Systems Llc Data communications network for an aircraft

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140135068A1 (en) * 1999-12-14 2014-05-15 Texas Instruments Incorporated Systems, processes and integrated circuits for rate and/or diversity adaptation for packet communications
US20030076780A1 (en) * 2001-07-27 2003-04-24 Thales Task management method for a packet switch routing automaton forming part of a secured packet-switching transmission network
US20080219163A1 (en) * 2001-11-05 2008-09-11 Jean-Francois Saint Etienne Package switching network with a deterministic behavior
US20040073690A1 (en) * 2002-09-30 2004-04-15 Neil Hepworth Voice over IP endpoint call admission
US20040225916A1 (en) * 2003-04-14 2004-11-11 Clark Alan D. System for identifying and locating network problems
FR2864393A1 (fr) 2003-12-17 2005-06-24 Airbus France Reseau de communication redondant de type ethernet full-dupl full-duplex commute, et procedure de gestion de la redondance d'un tel reseau, notamment dans le domaine avionique.
FR2920623A1 (fr) 2007-09-03 2009-03-06 Airbus France Sa Dispositif de commutation de trames pour reseau afdx.
US20100284313A1 (en) * 2007-09-03 2010-11-11 AIRBUS OPERATIONS (inc. as a Soc. par ACT. Simpl.) Frame switching device
US20150103734A1 (en) 2013-10-11 2015-04-16 Ge Aviation Systems Llc Data communications network for an aircraft
US20170171112A1 (en) * 2015-12-14 2017-06-15 Airbus Operations (S.A.S.) Onboard communication network of a vehicle and subscriber of such a communication network
US20180337938A1 (en) 2017-05-19 2018-11-22 Robert Bosch Gmbh Method for protecting a network against a cyberattack
US20190389599A1 (en) * 2018-06-21 2019-12-26 Honeywell International Inc. Methods and systems for detecting data anomalies

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
French Search Report issued by the French Patent Office in corresponding French Patent Application No. 1901557, dated Nov. 29, 2019.

Also Published As

Publication number Publication date
CN111585829A (zh) 2020-08-25
EP3697030B1 (fr) 2021-06-02
CN111585829B (zh) 2024-03-15
EP3697030A1 (fr) 2020-08-19
US20200267087A1 (en) 2020-08-20
FR3092953B1 (fr) 2021-10-15
FR3092953A1 (fr) 2020-08-21

Legal Events

Date Code Title Description
FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

AS Assignment

Owner name: THALES, FRANCE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:MONNIER, STEPHANE;CAPIRCIO, PATRICE;REEL/FRAME:052005/0699

Effective date: 20200110

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED

STCF Information on status: patent grant

Free format text: PATENTED CASE